Privacy Policy - Carpetcleaning Southkensington
This Privacy Policy explains how Carpetcleaning Southkensington collects, uses, stores, shares, and protects personal data relating to its customers in the South Kensington area. It applies to all customers, prospective customers, and individuals who interact with our services in the area, whether enquiries are made by phone, email, online forms, in person, or through third-party booking channels.
We are committed to handling personal data in a lawful, fair, and transparent way in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy is written to help you understand what data we process, why we process it, how long we keep it, who may process it on our behalf, and what rights you have in relation to your information.
1. Personal Data We Collect
We collect only the personal data that is necessary to deliver our services, manage customer relationships, and meet our legal obligations. The types of data we may collect include:
- Identity details: your name, title, and any information you provide when making an enquiry or booking.
- Contact details: address, telephone number, and email address.
- Service details: the type of carpet cleaning or related service requested, property access details, preferred appointment times, and service notes.
- Payment information: billing records, payment status, and transaction references. We do not retain full card details where payment processing is carried out by a secure third-party provider.
- Communication records: messages, call notes, complaints, feedback, and correspondence related to the service.
- Technical data: limited website or device information where relevant, such as IP address, browser type, and usage logs, if you interact with our digital services.
- Legal and operational data: records required for insurance, invoicing, tax, fraud prevention, and dispute management.
We do not intentionally collect special category data unless you choose to provide it and it is necessary for a specific service request or legal reason. Where such data is provided, it is processed only with appropriate safeguards and only where a lawful basis applies.
2. How We Use Your Personal Data
We use personal data to carry out the following purposes:
- to respond to enquiries and provide quotes;
- to schedule, manage, and deliver cleaning services;
- to process payments and maintain accounting records;
- to communicate about bookings, changes, follow-up, or service issues;
- to deal with complaints, claims, or disputes;
- to improve our services, training, and customer experience;
- to comply with tax, accounting, insurance, and other legal obligations;
- to prevent fraud, misuse, or unauthorised access;
- to maintain records needed for business administration and contract management.
We will only use your personal data for the purposes for which it was collected unless we reasonably consider that we need to use it for another compatible purpose. If we need to use your data for an unrelated purpose, we will explain the legal basis for doing so where required.
3. Lawful Basis for Processing
We process personal data only where we have a valid lawful basis under UK GDPR. Depending on the situation, the lawful basis may be one or more of the following:
Contract
We process data when it is necessary to enter into or perform a contract with you. This includes taking bookings, providing quotations, delivering carpet cleaning services, and handling payment-related administration.
Legal Obligation
We may process and retain certain information where required by law, such as for tax, accounting, record-keeping, insurance, or compliance purposes.
Legitimate Interests
We may process personal data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. This may include managing customer relationships, improving operations, protecting our business from fraud, and handling service-related communications. We carry out balancing assessments where needed.
Consent
In limited cases, we may rely on your consent, for example where you agree to receive certain marketing communications or where you voluntarily provide additional information that is not required for service delivery. Where consent is used, you may withdraw it at any time.
Vital Interests
Although uncommon, we may process data to protect someone’s vital interests in emergency situations.
4. Data Retention
We keep personal data only for as long as necessary for the purpose for which it was collected, including legal, accounting, and reporting requirements. Retention periods may vary depending on the type of data and the reason for processing.
- Customer and service records: retained for the period needed to manage the service and related follow-up.
- Financial and tax records: retained for the period required by law.
- Communications and complaints: retained as long as needed to resolve issues and maintain business records.
- Marketing records: retained until you withdraw consent or object, where applicable.
When data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you. Retention is reviewed periodically to ensure we do not keep information longer than necessary.
5. Data Sharing and Processors
We may share personal data with trusted third parties that help us operate our business. These third parties act as processors or, in some cases, separate controllers. We only share the minimum information needed for the task and require appropriate data protection safeguards.
Examples of processors may include:
- IT and hosting providers: for secure storage, email, and system maintenance;
- Payment processors: for secure payment handling and fraud prevention;
- Accounting and invoicing providers: for bookkeeping and tax compliance;
- Customer communication tools: for managing enquiries, appointment reminders, and service updates;
- Professional advisers: such as accountants, insurers, or legal advisers where necessary;
- Subcontractors or operational partners: only where required to deliver services and subject to confidentiality and data protection obligations.
Where processors are used, they are required to act only on our instructions, keep data secure, and comply with data protection law. We do not sell personal data.
6. International Transfers
If any of our service providers store or process data outside the UK, we ensure that appropriate safeguards are in place. These may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms that help protect your information to the required standard.
7. Security of Personal Data
We use reasonable technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, password protection, staff confidentiality practices, and data minimisation. However, no system can be guaranteed to be completely secure, and we encourage you to be careful when sharing personal information.
8. Your Rights
Under data protection law, you have a number of rights in relation to your personal data. These rights may be subject to legal conditions and exceptions. They include:
- Right of access: you may request a copy of the personal data we hold about you.
- Right to rectification: you may request correction of inaccurate or incomplete data.
- Right to erasure: you may request deletion of your data in certain circumstances.
- Right to restriction: you may ask us to limit how we use your data in certain cases.
- Right to data portability: you may request that some data be provided to you or another controller in a structured format, where applicable.
- Right to object: you may object to processing based on legitimate interests or direct marketing.
- Right to withdraw consent: where we rely on consent, you may withdraw it at any time.
If you wish to exercise any of these rights, we may need to verify your identity before responding. We aim to respond within the time limits required by law.
9. Marketing Preferences
Where we send marketing communications, we will do so only in line with applicable law. You can opt out of marketing at any time if you no longer want to receive such messages. If you opt out, we may still send important non-marketing messages relating to bookings, payments, or legal matters.
10. Complaints
If you have concerns about how your personal data is handled, you can raise those concerns with us first so we can try to resolve the matter. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or services. Any updated version will apply from the date it is published. We encourage customers to review this policy periodically to stay informed about how their data is protected.
12. Scope of This Policy
This Privacy Policy applies to all Carpetcleaning Southkensington customers in area and to anyone whose personal data is processed in connection with our services in South Kensington. By using our services or providing your personal data to us, you acknowledge that you have read and understood the terms of this policy.
In summary: we collect only the information needed to provide carpet cleaning services, use it on a lawful basis, retain it for no longer than necessary, share it only with trusted processors where needed, and respect your data protection rights.